[thirdparty/systemd.git] / man / nss-resolve.xml

<?xml version='1.0'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1+ -->

<refentry id="nss-resolve" conditional='ENABLE_NSS_RESOLVE'>

  <refentryinfo>
    <title>nss-resolve</title>
    <productname>systemd</productname>
  </refentryinfo>

  <refmeta>
    <refentrytitle>nss-resolve</refentrytitle>
    <manvolnum>8</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>nss-resolve</refname>
    <refname>libnss_resolve.so.2</refname>
    <refpurpose>Hostname resolution via <filename>systemd-resolved.service</filename></refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <para><filename>libnss_resolve.so.2</filename></para>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para><command>nss-resolve</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
    GNU C Library (<command>glibc</command>) enabling it to resolve hostnames via the
    <citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry> local network
    name resolution service. It replaces the <command>nss-dns</command> plug-in module that traditionally resolves
    hostnames via DNS.</para>

    <para>To activate the NSS module, add <literal>resolve [!UNAVAIL=return]</literal> to the line starting
    with <literal>hosts:</literal> in <filename>/etc/nsswitch.conf</filename>. Specifically, it is
    recommended to place <literal>resolve</literal> early in <filename>/etc/nsswitch.conf</filename>'s
    <literal>hosts:</literal> line. It should be before the <literal>files</literal> entry, since
    <filename>systemd-resolved</filename> supports <filename>/etc/hosts</filename> internally, but with
    caching. To the contrary, it should be after <literal>mymachines</literal>, to give hostnames given to
    local VMs and containers precedence over names received over DNS. Finally, we recommend placing
    <literal>dns</literal> somewhere after <literal>resolve</literal>, to fall back to
    <command>nss-dns</command> if <filename>systemd-resolved.service</filename> is not available.</para>

    <para>Note that <command>systemd-resolved</command> will synthesize DNS resource records in a few cases,
    for example for <literal>localhost</literal> and the current local hostname, see
    <citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry> for
    the full list. This duplicates the functionality of
    <citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>, but
    it is still recommended (see examples below) to keep <command>nss-myhostname</command> configured in
    <filename>/etc/nsswitch.conf</filename>, to keep those names resolveable if
    <command>systemd-resolved</command> is not running.</para>
  </refsect1>

  <refsect1>
    <title>Example</title>

    <para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables <command>nss-resolve</command>
    correctly:</para>

    <!-- synchronize with other nss-* man pages and factory/etc/nsswitch.conf -->
<programlisting>passwd:         compat systemd
group:          compat [SUCCESS=merge] systemd
shadow:         compat

hosts:          mymachines <command>resolve [!UNAVAIL=return]</command> files myhostname dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis</programlisting>
  </refsect1>

  <refsect1>
    <title>See Also</title>
    <para>
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
    </para>
  </refsect1>

</refentry>
Commit	Line	Data
514094f9	1	<?xml version='1.0'?>
3a54a157	2	<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
0d6868f9	3	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
0307f791	4	<!-- SPDX-License-Identifier: LGPL-2.1+ -->
0d6868f9	5
08540a95	6	<refentry id="nss-resolve" conditional='ENABLE_NSS_RESOLVE'>
0d6868f9 LP	7
	8	<refentryinfo>
	9	<title>nss-resolve</title>
	10	<productname>systemd</productname>
0d6868f9 LP	11	</refentryinfo>
	12
	13	<refmeta>
	14	<refentrytitle>nss-resolve</refentrytitle>
	15	<manvolnum>8</manvolnum>
	16	</refmeta>
	17
	18	<refnamediv>
	19	<refname>nss-resolve</refname>
	20	<refname>libnss_resolve.so.2</refname>
e9dd6984	21	<refpurpose>Hostname resolution via <filename>systemd-resolved.service</filename></refpurpose>
0d6868f9 LP	22	</refnamediv>
	23
	24	<refsynopsisdiv>
	25	<para><filename>libnss_resolve.so.2</filename></para>
	26	</refsynopsisdiv>
	27
	28	<refsect1>
	29	<title>Description</title>
	30
9053aaad	31	<para><command>nss-resolve</command> is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
38b38500	32	GNU C Library (<command>glibc</command>) enabling it to resolve hostnames via the
9053aaad LP	33	<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry> local network
	34	name resolution service. It replaces the <command>nss-dns</command> plug-in module that traditionally resolves
	35	hostnames via DNS.</para>
	36
44b7aedb ZJS	37	<para>To activate the NSS module, add <literal>resolve [!UNAVAIL=return]</literal> to the line starting
	38	with <literal>hosts:</literal> in <filename>/etc/nsswitch.conf</filename>. Specifically, it is
	39	recommended to place <literal>resolve</literal> early in <filename>/etc/nsswitch.conf</filename>'s
	40	<literal>hosts:</literal> line. It should be before the <literal>files</literal> entry, since
	41	<filename>systemd-resolved</filename> supports <filename>/etc/hosts</filename> internally, but with
	42	caching. To the contrary, it should be after <literal>mymachines</literal>, to give hostnames given to
	43	local VMs and containers precedence over names received over DNS. Finally, we recommend placing
	44	<literal>dns</literal> somewhere after <literal>resolve</literal>, to fall back to
	45	<command>nss-dns</command> if <filename>systemd-resolved.service</filename> is not available.</para>
2b015ea4	46
d296c20f LP	47	<para>Note that <command>systemd-resolved</command> will synthesize DNS resource records in a few cases,
	48	for example for <literal>localhost</literal> and the current local hostname, see
	49	<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry> for
	50	the full list. This duplicates the functionality of
	51	<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>, but
	52	it is still recommended (see examples below) to keep <command>nss-myhostname</command> configured in
2b015ea4 ZJS	53	<filename>/etc/nsswitch.conf</filename>, to keep those names resolveable if
2b015ea4 ZJS	54	<command>systemd-resolved</command> is not running.</para>
0d6868f9 LP	55	</refsect1>
	56
	57	<refsect1>
	58	<title>Example</title>
	59
9053aaad LP	60	<para>Here is an example <filename>/etc/nsswitch.conf</filename> file that enables <command>nss-resolve</command>
9053aaad LP	61	correctly:</para>
0d6868f9	62
94f760ec	63	<!-- synchronize with other nss-* man pages and factory/etc/nsswitch.conf -->
38ccb557	64	<programlisting>passwd: compat systemd
d296c20f	65	group: compat [SUCCESS=merge] systemd
0d6868f9 LP	66	shadow: compat
0d6868f9 LP	67
d296c20f	68	hosts: mymachines <command>resolve [!UNAVAIL=return]</command> files myhostname dns
0d6868f9 LP	69	networks: files
	70
	71	protocols: db files
	72	services: db files
	73	ethers: db files
	74	rpc: db files
	75
	76	netgroup: nis</programlisting>
0d6868f9 LP	77	</refsect1>
	78
	79	<refsect1>
	80	<title>See Also</title>
	81	<para>
	82	<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
	83	<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
409093fe	84	<citerefentry><refentrytitle>nss-systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
0d6868f9	85	<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
409093fe	86	<citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
0d6868f9 LP	87	<citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
	88	</para>
	89	</refsect1>
	90
	91	</refentry>